Institutionen fr mikroelektronik och

informationsteknik

2G1330 Mobile and Wireless Network

Architectures

Network Signaling and CDPD

Lecture notes of G. Q. Maguire Jr.
For use in conjunction with Wireless and Mobile Network Architectures, by Yi-Bing
Lin and Imrich Chlamtac, John Wiley & Sons, 2001, ISBN 0-471-39492-0

1998, 1999, 2000,2002 G.Q.Maguire Jr. .

All rights reserved. No part of this course may be reproduced, stored
in a retrieval system, or transmitted, in any form or by any means,
electronic, mechanical, photocopying, recording, or otherwise,
without written permission of the author.

Last modified: 2002.03.14:11:58

Maguire P4-Lecture2-2002.fm Total pages: 41

maguire@it.kth.se 2002.03.14
 Lecture 2 (Chapters 5-8)

Maguire Lecture 2 (Chapters 5-8) Network Signaling and CDPD:2 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 Network Signaling
Interconnection between a PCN and a PSTN for
mobility management - tracking the location of mobile users
call control - setting up the call path between a mobile users and the
other call party
interconnection interfaces - the interconnections themselves
message routing - information exchange
Mobile Identification Number (MIN) -- the main means of identifying a MS
Universal Personal Telecommunication (UPT) number - a number associated with
a mobile subscriber.

Maguire Network Signaling Network Signaling and CDPD:3 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 Transaction Capabilities Application Part
(TCAP)
For exchanging information which is not circuit related.
More than 50 TCAP operations in IS-41 just for:
inter-MSC handoff
automatic roaming
operation, administration, and maintenace
A TCAP message has two parts: transaction and component

transaction QueryWithPermission, Response, ConversationWithPermssion,

and Unidirectional (pass info in one direction)

component INVOKE, RETURN RESULT (Last), RETURN ERROR, or REJECT

Each TCAP transaction has a timeout associated with it and use connectionless
transport.

Maguire Transaction Capabilities Application Part (TCAP) Network Signaling and CDPD:4 of 41
maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 TCAP message flow for a MS registration

PCS1 PSTN PCS2

STP1 STP2 STP3 STP4

VLR1
MSC1 Database HLR VLR2
Database MSC2
Database

RegistrationNotification (INVOKE)
RegistrationNotification (INVOKE)
T2
RegistrationNotification (RETURN RESULT)
T1
T3 RegistrationCancellation (INVOKE)
RegistrationNotification (RETURN RESULT
RegistrationCancellation (RETURN RESULT)

RegistrationCancellation (INVOKE)
T4
RegistrationCancellation (RETURN RESULT)
QualificationRequest (INVOKE)
T5
QualificationRequest (RETURN RESULT)

ServiceProfileRequest (INVOKE)
T6
ServiceProfileRequest (RETURN RESULT)

Figure 1: Mobile roams from PCS1 to PCS2

Maguire Transaction Capabilities Application Part (TCAP) Network Signaling and CDPD:5 of 41
maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 Transaction 2 - additional details
Signal Transfer Point3 (STP3) does a table lookup, i.e., Global Title Translation
(GTT) on the MIN to identify the HLRs address, then the TCAP message is
forwarded from STP3 to STP2 where the HLR is.
GTT is needed because non-geographic numbering is assumed.

Maguire Transaction 2 - additional details Network Signaling and CDPD:6 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 Automatic Code Gapping (ACG)
Can use Automatic Code Gapping (ACG) to reduce the rate at which a network
entity such as a MSC sends service request messages to a service control function.
ACG can be applied automatically when an overload occurs or applied manually
for system management. ACG can be applied to query messages destined for a
specific Point Code and Subsystem Number or for an SCCP Global Title.
3rd Generation Partnership Project 2 (3GPP2), Automatic Code Gapping (Stage
1), 3GPP2 S.R0016, Version 1.0.0, Version Date: December 13, 1999
http://www.3gpp2.org/Public_html/specs/S.R0016_v1.pdf

Maguire Automatic Code Gapping (ACG) Network Signaling and CDPD:7 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 TIA TSB-51: Authentication, Signaling
Message Encryption and Voice Privacy
supports authentication over multiple air interfaces (AMPS,TDMA, &
CDMA) -- GSM authentication is excluded, because the GSM
authentication process has been defined in the GSM standards
provides a method of pre-call validation of (MS) that does not require
user intervention
uses Global Challenge procedures at registration, call origination, call
termination, and at any time using Unique Challenge procedures
without-sharing (WS) scheme: shared secret data (SSD) known only
to Authentication Center (AuC) and MS
sharing (S) scheme: the SSD or some aspect of it is shared with visited
system
SSD based on Authentication Key (A-Key) - never transmitted over the
air
Also includes procedures for generation and distribution of SSD

Maguire TIA TSB-51: Authentication, Signaling Message Encryption and Voice Privacy Network Signaling and
maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 MIN and ESN
Mobile Identification Number (MIN) - a North American Numbering Plan
(NANP) number which is the phone number of a mobile phone
Electronic Serial Number (ESN) - a 32 bit serial number programmed into the
phone at manufacture (top 8 bits identify the manufacturer)
In AMPS the MIN and ESP are tranmitted in the clear over the air - so it is easy to
listen for them and then program another phone with the same values clone
This lead to hundreds of millions of dollars of fraud TSB-51

Maguire MIN and ESN Network Signaling and CDPD:9 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 Without-Sharing Scheme
PCS1 PCS2 LAn
AuC
Database HLR VLR2 BS MH
Database MSC2
Database

LA info
registration request
RAND
AUTHR, ESN, MIN, RANDC, COUNT

AuthenticationRequest (INVOKE)
AuthenticationRequest (INVOKE)

AuthenticationRequest (INVOKE)
AuC verifies
AUTHR COUNT

AuthenticationRequest (RETURN RESULT)

AuthenticationRequest (RETURN RESULT)

AuthenticationRequest (RETURN RESULT)

Figure 2: Mobile moves into a new Location Area (LA) at PCS2

If authentication fails the result is RETURN ERROR.

Maguire Without-Sharing Scheme Network Signaling and CDPD:10 of 41
maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 Without-Sharing Call Origination
PCS1 PCS2 LAn
AuC
Database HLR VLR2 BS MS
Database MSC2
Database computes
VPMASK
SMEKEY
MS originates call
AUTHR, ESN, MIN, RANDC, COUNT

AuthenticationRequest (INVOKE)
AuthenticationRequest (INVOKE)
AuthenticationRequest (INVOKE)
AuC verifies AUTHR
generates VPMASK, SMEKEY

AuthenticationRequest (RETURN RESULT)

AuthenticationRequest (RETURN RESULT)
AuthenticationRequest (RETURN RESULT)

Figure 3: Mobile places a call in PCS2

Because of SSD the AuC can generate the same Voice Privacy Mask (VPMASK)
and Signaling Message Encryption Key (SMEKEY) as the mobile and passes this
information to the operator of PSC2

Maguire Without-Sharing Call Origination Network Signaling and CDPD:11 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 Sharing Scheme
Old VLR PCS2 LAn
PCS1
AuC HLR VLR3 VLR2 MH
Database MSC2 BS
Database Database Database

LA info
registration request
RAND
AUTHR, ESN, MIN, RANDC, COUNT

AuthenticationRequest (INVOKE)
AuthenticationRequest (INVOKE)
AuthenticationRequest (INVOKE)
AuC verifies
AUTHR

CountRequest (INVOKE)
CountRequest (INVOKE)

CountRequest (RETURN RESULT)

CountRequest (RETURN RESULT)
AuC verifies
COUNT

AuthenticationRequest (RETURN RESULT)

AuthenticationRequest (RETURN RESULT)
AuthenticationRequest (RETURN RESULT)
Figure 4: Mobile moves into a new Location Area (LA) at PCS2 registration using Sharing scheme

Maguire Sharing Scheme Network Signaling and CDPD:12 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 Sharing Call Origination
PCS2 LAn
VLR2 BS MS
Database MSC2
computes
VPMASK
SMEKEY
MS originates call
AUTHR, ESN, MIN, RANDC, COUNT

AuthenticationRequest (INVOKE)

AuC verifies AUTHR, COUNT

generates VPMASK, SMEKEY

AuthenticationRequest (RETURN RESULT)

Figure 5: Mobile places a call in PCS2 using sharing scheme

Note that because the visited system shares the SSD it no longer has to contact the
home PCSs AuC to do generate the VPMASK and SMEKEY

Maguire Sharing Call Origination Network Signaling and CDPD:13 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 When should you use WS vs. S
Use WS when number of registration operatons > call origination/termination.
Can use an adaptive algorithm:
based on statistics move between WS and S schemes
once you make a call, then use S scheme; but if you move without
making a call, then revert back to WS scheme

Maguire When should you use WS vs. S Network Signaling and CDPD:14 of 41
maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 Cellular Authentication and Voice Encryption
(CAVE) Algorithm
IS-54B - TDMA standard - includes CAVE algorithm
Computes Authentication Result (AUTHR) using SSD, ESN, MIN, a random
number (RAND).
RAND is typically updated in the system every 20 minutes and SSD is updated for
each mobile every 7 to 10 days [3].
3 of the 4 IS-54 algorithms have been broken:
David Wagner (University of California at Berkeley graduate student)
and Bruce Schneier1 & John Kelsey (both of Counterpane Systems)
announced they they had broken the Cellular Message Encryption
Algorithm (CMEA)[5] which is used to protect the control channel (for
example, dialed digits, alphanumeric pages).

1. Author of the popular book Applied Cryptography.

Maguire Cellular Authentication and Voice Encryption (CAVE) AlgorithmNetwork Signaling and CDPD:15
maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 D. Wagner, L. Simpson, E. Dawson, J. Kelsey, W. Millan, and B.
Schneier, Cryptanalysis of ORYX[6] - shows that the stream cipher
used to protect data is breakable with a plain text attack.
voice privacy depends on a XOR against a generated string - which is
generally rather easy to break

Maguire Cellular Authentication and Voice Encryption (CAVE) AlgorithmNetwork Signaling and CDPD:16
maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 Further reading
TIA

[1] TIA public documents

ftp://ftp.tiaonline.org/tr-45/tr45ahag/public%20documents/
TSB-51

[2] Cellular Telecommunications & Internet Association (CTIA) World of

Wireless Communication, http://www.wow-com.com/
[3] Jey Veerasamy, Cellular Authentication, University of Texas at Dallas,
http://www.utdallas.edu/~veerasam/cs6385/authentication.ppt

[4] Yi-Bing Lin, Seshadri Mohan, Nelson Sollenberger, and Howard Sherry,
Adaptive Algorithms for Reducing PCS Network Authentication Traffic,
IEEE Transactions on Vehicular Technology, 46(3):588-596, 1997.
http://liny.csie.nctu.edu.tw/ieee-tvt94c.ps

[5] David Wagner, Bruce Schneier, and John Kelsey, Cryptanalysis of the
Cellular Message Encryption Algorithm, Crypto97, 1997.

Maguire Further reading Network Signaling and CDPD:17 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 http://www.counterpane.com/cmea.pdf

[6] D. Wagner, L. Simpson, E. Dawson, J. Kelsey, W. Millan, and B. Schneier,

Cryptanalysis of ORYX, SAC98,
http://www.cs.berkeley.edu/~daw/papers/oryx-sac98.ps

[7] CAVE algorithm

ftp://ftp.ox.ac.uk/pub/crypto/misc/CAVE.tar.gz

Maguire Further reading Network Signaling and CDPD:18 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 PAC Network Signalling
Personal Access Communications Systems (PACS)
supports:
basic call control
roaming
handoff management
Does not use MSCs or HLR/VLR, but uses Advanced Intelligent Network (AIN)
protocol with an Access Manager (AM), AIN switch, and AIN SCP.

Maguire PAC Network Signalling Network Signaling and CDPD:19 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 PACS Architecture
AIN SCP
AM
HLR
VLR
radio port control unit (RPCU) AIN
SS7
PSTN
AIN STP
AIN trunk
switch
ISDN
radio port (RP) AM

interface P
ISDN AM

interface A

MS
portable
fixed access unit
Figure 6: PACS Architecture

Maguire PACS Architecture Network Signaling and CDPD:20 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 Access Manager (AM)
The access manager in the RPCU, it provides:

radio control managing the RPs, trunk provisioning, RP to RP link transfers

non-radio service control call control (managing the B channels), switching, routing

The RPCU has to deal with inter-RPCU handoff (similar to inter-BSC handoff)
and inter-RP handoff.
Note: an AM is also located in the AIN SCP; the two interact with the ISDN/AIN
Switch providing tunneling/de-tunneling (i.e., encapsulation) of the ISDN
REGISTER messages over AIN.
Pg. 125 notes that the RPCUs could be connected via an IP network to the VLR,
thus by passing the AIN/ISDN Switch (SSP) for all non-call associated (NCA)
signalling.

Maguire Access Manager (AM) Network Signaling and CDPD:21 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 AIN/ISDN Switch
Note: The text often refers to this as the AIN SSP.
Uses:
SS7 ISUP to set up trunk and for inter-system handoff
SS7 TCAP to support mobility management and transport AIN
messages between switch and SCP; the AIN messages are basically
RPC calls to the SCP
ISDN for:
call control {standard ISDN},
automatic link transfer (ALT) {FACILITY message for handoff}, and
non-call associated (NCA) signalling {for example, communication between RPCU and VLR
for registration and authentification - REGISTER message - which is encapsulated in an AIN
NCA-Data message}
Also provides:
Automatic Code Gaping (for traffic load control)
Automatic Message Accounting (for access charging)

Maguire AIN/ISDN Switch Network Signaling and CDPD:22 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 AIN SCP
Provides service logic, databases, and operations to support:
HLR
VLR
AM
AuC
Communications:
with the switch AIN TCAP
with external PCS databases via IS-41 protocol

Maguire AIN SCP Network Signaling and CDPD:23 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 PACS Intersystem Handoff
PACS Intersystem Handoff/automatic link transfer (ALT) follows IS-41 anchor
switch approach.

Maguire PACS Intersystem Handoff Network Signaling and CDPD:24 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 3 alternative inter-RPCU handoff methods
a. Before ALT b. After ALT (Switch Loopback) c. After ALT (Direct Connect)

Switch Switch
Switch

RPCU RPCU RPCU RPCU

RPCU RPCU

d.During ALT e. After ALT

(Three-Way Calling Connections) (Three-Way Calling Connections)

Switch Switch

RPCU RPCU RPCU RPCU

Maguire 3 alternative inter-RPCU handoff methods Network Signaling and CDPD:25 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 CDPD
In 1992, AT&T Wireless Services developed cellular digital packet data (CDPD)
protocol, a data-only protocol that (re-)uses the AMPS or IS-136 network. Packets
(typically some 1.5 kilobytes) use vacant cellular channels - either an assigned
channel or between calls.
CDPD does not communicate with the underlying network (but does utilize
knowledge of this networks channel assignment algorithms to predict when
channels will be available for CDPDs use).
Mobile Data Base Stations - do channel sniffing to find idle channels
It is essentially an implementation of Mobile*IP.

Maguire CDPD Network Signaling and CDPD:26 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 Motivation for CDPD
Most traditional cellular systms (such as AMPS) are unsuited for packet
data
Long call setup times - many seconds (vs. CDPD with from under 1 to 4 sec)
Modem handshaking required - this modem training can take more time than the data
transfer time!
Analog providers already have AMPS allocation
Re-use AMPS channels to provide data service.
Must not interfere with existing analog service (i.e., operators bread and butter)
no new spectrum license needed - but you get to make more money with the spectrum you
already have (IFF you can share the spectrum wisely)

Maguire Motivation for CDPD Network Signaling and CDPD:27 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 Goals
low speed data: Paging, short message, e-mail, (achieve 10-12kbps)
broadcast and multicast (for example, for fleet management)
always on-line packet data service
transparent to existing AMPS service, but shares spectrum with it

Maguire Goals Network Signaling and CDPD:28 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 CDPD network architecture
Mobile End System (M-ES), Mobile Data Basestation(MDBS),
Mobile Data -Intermediate System (MD-IS)

Internet
MD-IS
MD-IS
PSDN

M-ES
MDBS

AMPS BS
AMPS PSTN
MSC

Maguire CDPD network architecture Network Signaling and CDPD:29 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 CDPD Entities
Mobile End System (M-ES)
Subscriber unit - interfaces with the radio at 19.2 kbps
Subscriber Identity Module (SIM) - used to identify subscriber
Mobile Application Subsystem - actually provides the functionality
(could be a PDA, Laptop, embedded processor, )
Mobile Data Base Station(MDBS)
controls the radio: radio channel allocation, channel usage,
one modem/transceiver per radio channel pair (up & down link)
generally co-located with the AMPS basestations (so they can share
antenna, site, )
Mobile Data-Intermediate System (MD-IS)
frame relay switch + packet router
buffers packets destined to M-ES it knows about (== with TEI assigned)
supports user mobility by a mobile location protocol
Maguire CDPD Entities Network Signaling and CDPD:30 of 41
maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 other entities
Fixed End System (F-ES) - hosts

External F-ESs tranditional non-CDPD host

Internal F-ESs hosts within the boundaries of the CDPD network; they have access to additional internal
network data (usage accounting information, mobile location information, subscriber
authentication information,

Accounting collection and distribution of usage accounting data (each MD-IS

Server (AS) periodically sends its usage information to the AS)

Authentication supports the authentication function in CDPD; may or may not be a

Server part of the MD-IS

Directory Server supports directory services within the CDPD network (could support
DNS and/or X.500)

Network includes configuration management, fault management, performance

Management management and other functions
System

Maguire other entities Network Signaling and CDPD:31 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 Limits
No direct M-ES to M-ES communication
radius of a CDPD cell is limited to <10 miles (i.e. < 17km)
each M-ES can only send two packets back to back - to avoid hogging
the channel

Maguire Limits Network Signaling and CDPD:32 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 Handoffs
MDBS broadcasts a list of available channels
When M-ES finds link quality has dropped below a threshold, it checks the
channels from the MDBSs that it can hear; if there is a better channel it initiates a
link transfer - by switching to the new channel and registering with the new MDBS
MD-IS maintains a registration directory
contains a list of Temporary Equipment Identifiers (TEI)
associated with each TEI is a element inactivity timer (T203)
associated with each radio channel stream is a TEI notification timer
(T204) - when this timer goes off MD-IS broadcasts a list of TEIs with
data buffered for them {mobiles with nothing to send can sleep until the
next TEI notification frame}
when a mobile wakes up and hears there is data for it, it send a
Receiver Ready (RR) frame

Maguire Handoffs Network Signaling and CDPD:33 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 Connectionless Network Services (CLNS)
CDPD supports both:
ISO connectionless network protocol
IP

Maguire Connectionless Network Services (CLNS) Network Signaling and CDPD:34 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 Roaming Management
Each M-ES has a unique Network Equipment Identifier (NEI) which is associated
with a home MD-IS (Mobile Home serving Function (MHF) {a Mobile IP Home
Agent}.
Home MD-IS keeps location directory of the MD-IS currently serving each of its
mobiles
Each MD-IS keeps a registration directory listing currently visting mobile (Mobile
Serving Functon (MSF)) {a Mobile IP Foreign Agent}
When a M-ES moves, the home MD-IS explicitly cancels the registration at the
former MD-IS.
Packet routing is handles just as in Mobile IP.

Maguire Roaming Management Network Signaling and CDPD:35 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 Multicast
CDPD has explicit provisions for Multicast and enables mobiles to register for a
multicast NEI - this must include a Group Member Identifier (GMID) which is
unique with in the group
Details at:
http://www.leapforum.org/published/internetworkMobility/split/node75.htm
l

Maguire Multicast Network Signaling and CDPD:36 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 CDPD Modems
Price
Sierra Wireless AirCard 300 $479 http://www.sierrawireless.com/
Novatel Merlin CDPD $299 http://www.novatelwireless.com/
Minstrel S and Minstrel V

Maguire CDPD Modems Network Signaling and CDPD:37 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 CDPD usage
Very popular for vending machines
Public safety agencies, Law enforcement,
Handheld/laptop IP access
Price Plans- From $14.95 per month for 250 kilobytes to $39.95 monthly for
unlimited usage with a two-year commitment
Of course if you are vending machine you dont buy an unlimited plan, but
perhaps if you are vending machine operator you do.
http://www.navtrak.net/technologies.html

Wireless WebConnect!, Inc., http://www.wwc.com/press/press20010806.html

$59.95 unlimited local usage plus 400 KB of usage in non-local areas (roaming)

$129.95 unlimited local usage plus 1500 KB of roaming

$199.00 unlimited local usage and up to 3000 KB of roaming.

Maguire CDPD usage Network Signaling and CDPD:38 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 http://shop.store.yahoo.com/dreampages/novwirmin540.html

$29.99 Handheld Local Unlimited Plan unlimited local usage in areas where AT&T operates
wireless data, $0.05/kbyte when roaming
$54.99 AT&Ts PC Card Local Unlimited Plan - if you load an OS other than PalmOS or Pocket PC

Operators and coverage maps

http://www.novatelwireless.com/support/CDPD%20Tech.html

Maguire CDPD usage Network Signaling and CDPD:39 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 Further reading
CDPD

[8] Mark S. Taylor , William Waung, Mohsen Banan, Internetwork Mobility:

The CDPD Approach, Pearson Education, Inc., June 11, 1996
http://www.leapforum.org/published/internetworkMobility/split/main.h
tml

[9] A. Salkintzis, Packet Data over Cellular Networks: The CDPD Approach,
IEEE Communication Magazine, vol. 37, no. 6, June 1999, pp. 152-159.
[10] Sun Jong Kwon, Yun Won Chung, and Dan Keun Sung, Performance
Analysis of CDPD Sleep Mode for Power Conservation in Mobile End
Systems, IEICE Transactions on Communications, VOL. E84B, no. 10, Oct.
2001
http://cnr.kaist.ac.kr/~ywchung/paper/APCC2001sjkwon.pdf

Maguire Further reading Network Signaling and CDPD:40 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures
 [11] Y. Frankel, A. Herzberg, P. A. Karger, H. Krawczyk, C. A. Kunzinger, and
M. Yung. Security issues in a CDPD wireless network. IEEE Personal
Communications. Volume 2, Number 4, August 1995. pp. 16-27. For a short
summary of this paper see:
http://swig.stanford.edu/pub/summaries/wireless/security_cdpd.html

Maguire Further reading Network Signaling and CDPD:41 of 41

maguire@it.kth.se 2002.03.14 Mobile and Wireless Network Architectures